Getting Rid of Flash and Java

Flash and Java are two very popular and widely used web technology programs or software platforms. Adobe Flash is used mainly for streaming videos on the web. While Java is used for creating web applets.

To be able to view streaming Flash videos, the user needs to have locally installed Adobe Flash. And to be able to run Java applets, the user needs to have locally installed Oracle’s Java Runtime Environment (JRE).

The Trouble

Over the years, many have criticized these platforms. But in the last few years things got much worse. Both platforms were shown to be riddled with serious security flaws that enable hackers and government agencies to remotely exploit user computers.

One of the reasons for this is that both platforms became relatively popular — making the vulnerabilities and their exploitation a lucrative business.

The list of critical vulnerabilities is virtually endless both in Adobe Flash and Oracle JRE. Just in the last month (January 2015) the numbers of newly discovered vulnerabilities were 12 for Adobe Flash and 20 for Oracle JRE.

Many of these were identified as zero-day vulnerabilities. A zero-day vulnerability is one that can be exploited by a hacker without any limit, because at the time the hacking takes place there is no patch available for the vulnerability.

This is why Flash and Java are most fertile grounds for malicious actors. For example, a browser with a vulnerable version of Adobe Flash installed can be enough in some cases to take over control of someone’s computer.

Weighing Risks and Benefits

Adobe Flash is used by 11.8% of all websites while Java is used on less than 3% of servers and on less than 0.1% of websites. And these percentages tend to drop each year.

One of the reasons for the dropping usage of Adobe Flash is that it is a proprietary, not an open standard. It is also important to note that Adobe Flash uses a lot of processing time making it unfit for mobile technologies. Its unsecure nature is also an obvious factor.

It seems that HTML5 will soon replace Flash. HTML5 is an open standard that has the WHAT Working Group behind it, namely Apple, Opera Software, and the Mozilla Foundation. Google is also migrating their YouTube videos to HTML5 support which will certainly have a massive impact on helping HTML5 become fully mainstream.

Personally, I decided to get rid of Adobe Flash for good. I did so a few weeks ago and I have yet to find a reason to re-install it. As for the Java Runtime Environment, I have to keep it and update it every other day, because some critical programs I need (e.g. government-issued personal certification software) use it.

Uninstalling the Troublemakers

If you decide that you are able to live without Flash and Java, then uninstall them. My guess is that you won’t notice anything and your life will simply go on. The only difference will be that your computer and online existence will be much more secure.

And to check whether you have Oracle JRE installed, click here or here.

To uninstall Flash and/or Java, go to Control Panel > Programs > Programs and Features > Uninstall a program. Select the item you wish to uninstall and click on the Uninstall button. The uninstall process will take you through the necessary steps.

It is interesting to know that the late Steve Jobs saw these developments coming a few years ago. Here are his thoughts on Flash.

Update (February 3, 2015)

Uninstalling Adobe Flash via the Control Panel doesn’t affect Google Chrome’s native Flash plugin. To disable this Flash plugin, launch Google Chrome, then type and enter chrome://plugins in the address bar. Find Adobe Flash Player in the list of plugins and click on the Disable link below it. After a short while Chrome will disable its Flash plugin.